Conduct Risk - Can you regulate risk culture?

by Frances Cowell

Spurred on by bank failures and government rescues in the northern hemisphere, regulators embarked upon a decade’s work to overhaul the governance of financial institutions.

The scope of this enterprise has been immense following the prodigious financial crisis and its aftermath. Banking regulation has seen new capital measures proposed, new risks identified in derivatives and collateral markets, more derivatives transacted on exchanges, more conservative balance sheet treatments for “special investment vehicles”, stringent regulation of organisations deemed “systemically important” and proposals aimed at aligning remuneration with outcomes.

Evident disregard for risk in the quest for revenue growth, revelations of market rigging, mis-selling and flaunting of anti-money-laundering laws, together with the moral hazard intrinsic to large banks in developed economies has narrowed regulators’ focus to the risk culture in financial organisations.

Members of bank risk committees are thus expected to take responsibility for ongoing improvements to risk culture throughout their organisations. Yet for an individual board member in a large global organisation to know how the risk culture operates in all corners of an organisation comprising diverse customs and mores is herculean, and may well be unrealistic. One of many unintended consequences may be to deter the most talented directors from assuming the roles necessary to oversee risk activities within financial organisations. Another is that “common principles” may be interpreted differently throughout the organisation.

This is borne out by, for example, surveys commissioned by the Institute of International Finance (IIF) of responses to the AIFMD, among others, which have remarked the relative lack of risk management expertise within the boards of investment funds. One reported consequence is that it impedes the capacity of the board to pose informed questions. Another is that information communicated to boards is often inadequate and not timely enough to support conclusions about what risks are being taken.

Recognising the role that risk culture is attributed in the global financial crisis, we draw on insights from leading risk managers to survey the potentially complicating effects of demographics, administrative imperatives and contradicitons, regulatory capture and political cycles on the practicalities of promoting and overseeing constructive risk culture in global financial organisations.

“Look, being a compliance guy or a risk compliance guy means you are sitting there and you are watching all the kids in the pool and you know somebody is (doing something they shouldn’t be doing) in the pool but you don’t know who the hell it is.”

-Sir Michael Hintze

Clearly, improving the risk culture in financial organisations is an important initiative in the interests of maintaining stability in financial markets. But is it enough to prevent future failures of governance? What other forces are operating in this space?

Frances Cowell will be speaking on GRC: Challenges of Today & Tomorrow at the 10th Annual Internal Audit & Governance, Risk and Compliance Forum. Click on the link below to know more:

Europe Finance

10th Annual Internal Audit & Governance, Risk and Compliance Forum

Visit event website

Interested in this topic?

More articles